Trusted Security Zone Communication Addressing on an Electronic Device

1. A method of communicating with a computing device having a trusted security zone, the method comprising: mapping a unique identifier for a computing device with a trust zone access control address, wherein the computing device comprises a normal security zone and a trusted security zone providing hardware assisted security that is separate from the normal security zone, wherein the trust zone access control address is unique to a hardware component of the trusted security zone within the computing device, and wherein when an application executes in the trusted security zone of the computing device, applications that are configured to execute in the normal security zone are prevented from executing on the computing device; composing, by a source external to the computing device, a message comprising the trust zone access control address, wherein the trust zone access control address is not discoverable from the computing device, and wherein the trusted zone access control address is different from the unique identifier; routing the message to the computing device based on the unique identifier, wherein the message is internally routed to the trusted security zone within the computing device using the trust zone access control address, and wherein the message is received by an application executing in the trusted security zone of the computing device; providing a second message to a second application on the computing device executing in the trusted security zone subsequent to routing; obtaining a response from the second application on computing device; and determining that the message was routed to the trusted security zone based on the response obtained from the second application.

2. The method of claim 1 , wherein the computing device further comprises a plurality of trusted security zones and a plurality of trust zone access control addresses corresponding to each of the plurality of trusted security zones.

3. The method of claim 1 , further comprising: receiving a request to send a message to the trusted security zone on the computing device, wherein the request comprises the unique identifier for the computing device; and verifying the request as being authorized to send to the computing device.

4. The method of claim 1 , wherein mapping the unique identifier with a trust zone access control address comprises: sending the unique identifier to a data store; correlating the unique identifier with the trust zone access control address; and receiving a response comprising the trust zone access control address.

5. The method of claim 1 , wherein the unique identifier comprises at least one of: the MAC address of a modem or radio transceiver on the device, a mobile equipment identifier, a mobile station identifier, a mobile directory number, a network access identifier, an electronic serial number, an international mobile equipment identity, a private IP address, a link layer address on a local area network, or any combination thereof.

6. The method of claim 1 , further comprising: mapping the unique identifier with a public reference for the computing device, wherein the message further comprises the public reference, and where the message is routed to the computing device using the public reference.

7. The method of claim 1 , further comprising: mapping the unique identifier with a private IP address for the computing device, wherein the message further comprises the private IP address, and where the message is routed to the computing device using the private IP address.

8. The method of claim 1 , further comprising: mapping the unique identifier with a link layer address for the computing device, wherein the message further comprises the link layer address, and where the message is routed to the computing device using the link layer address.

9. The method of claim 1 , wherein the message further comprises a key, and wherein the method further comprises: obtaining access to the trusted security zone using the key; composing a second message comprising the trust zone access control address and data; routing the second message to the computing device based on the unique identifier, wherein the second message is internally routed to the trusted security zone using the trust zone access control address, and wherein the data is provided to the trusted security zone based on the access to the trusted security zone.

10. The method of claim 1 , wherein the application executing in the trusted security zone configures the processor to perform one or more of: provisioning a new application in the trusted security zone, changing a setting in the trusted security zone, storing information in the trusted security zone, restoring one or more components from the trusted security zone, replacing one or more components from the trusted security zone, or removing one or more components from the trusted security zone.

11. A method of communicating over a network, the method comprising: receiving, from an external device, a message at a computing device, wherein the message comprises a routing address, a trust zone access control address, and a key, wherein the computing device comprises a normal security zone and a trusted security zone providing hardware assisted security that is separate from the normal security zone, wherein the routing address comprises information configured to route the message to the computing device, wherein the trust zone access control address is unique to a hardware component of the trusted security zone within the computing device, and wherein when an application executes in the trusted security zone of the computing device, applications that are configured to execute in the normal security zone are prevented from executing on the computing device; internally providing the message to the trusted security zone based on the trust zone access control address, wherein the trust zone access control address is not discoverable from the computing device, and wherein the trust zone access control address is different from the routing address; initiating an execution of an application within the trusted security zone of the computing device using the key; preventing the execution of any applications in the normal security zone in response to initiating the application within the trusted security zone; receiving a second message comprise the trust zone access control address and data; internally providing the second message to the trusted security zone based on the trust zone access control address in the second message while the application is executing in the trusted security zone; processing the data in the second message within the trusted security zone; performing an action within the trusted security zone based on processing the data; and providing a third message to the external device from a second application executing in the trusted security zone, wherein the third message comprises information indicating that the second massage was routed to the trusted security zone.

12. The method of claim 11 , wherein the message received at the computing device is encapsulated using one or more tokens or encryption keys.

13. The method of claim 11 , wherein the computing device comprises a modem, wherein the message is received by the modem, and wherein internally providing the message to the trusted security zone comprises: extracting the trust zone access control address from the message, and internally routing the message to the trusted security zone using the extracted trust zone access control address.

14. The method of claim 11 , wherein performing the action within the trusted security zone comprises at least one of: provisioning a new application in the trusted security zone, changing a setting in the trusted security zone, storing information in the trusted security zone, restoring information in the trusted security zone, replacing information in the trusted security zone, or removing information from the trusted security zone.

15. A computing device comprising: a modem; a processor, wherein the processor comprises a trusted security zone and a normal security zone, wherein the trusted security zone provides hardware assisted security; a memory comprising non-transitory storage; a trusted security zone application stored in the memory, that upon execution on the processor, configures at least the processor to: block access by other applications executing in the normal security zone of the processor from accessing the memory, reading inputs, and writing outputs while the trusted security zone application executes in the trusted security zone, accept a massage comprising a trust zone access control address from a source external to the computing device, wherein the trust zone access control address is not discoverable from the computing device, process the massage within the trusted security zone, and change information within the trusted security zone based on processing the massage within the trusted security zone; and the trust zone access control address encoded into at least one of the trusted security zone of the processor or a secure partition in the memory, wherein the trust zone access control address is unique to the at least one of the trusted security zone of the processor or the secure partition in the memory; and a first application stored in the memory, that upon execution by the processor, configures at least the processor to: receive a second massage from the source external to the computing device, invoke the first application in response to reception of the massage, wherein the first application executes in the trusted security zone, and provide a response massage to the source subsequent to invocation of the trusted security zone, wherein the response massage comprises information that indicates that the information within the trusted security zone changed after the massage comprising the trust zone access control address is accepted.

16. The device of claim 15 , further comprising: a plurality of processors, wherein each processor of the plurality of processors comprises a trusted security zone and a normal security zone; and a plurality of trust zone access control addresses, wherein each trust zone access control address of the plurality of trust zone access control addresses is encoded in a corresponding processor of the plurality of processors.

17. The device of claim 15 , wherein the trust zone access control address is not capable of being changed.

18. The device of claim 15 , wherein the modem is configured to route a message received at the modem to the trusted security zone using the trust zone access control address contained in the message.

19. The device of claim 15 , wherein the trusted security zone application configures the processor to change the information within the trusted security zone by at least one of: provisioning a new application in the trusted security zone, changing a setting in the trusted security zone, storing information in the trusted security zone based on the trust zone access control address, restoring one or more components from the trusted security zone, replacing one or more components from the trusted security zone, or removing one or more components from the trusted security zone.